diff --git a/scripts/http-auth.nse b/scripts/http-auth.nse index 122b90f95..825c10ff9 100644 --- a/scripts/http-auth.nse +++ b/scripts/http-auth.nse @@ -26,7 +26,7 @@ categories = {"default", "auth", "intrusive"} require "shortport" require "http" -portrule = shortport.port_or_service({80, 443, 8080}, {"http","https"}) +portrule = shortport.http action = function(host, port) local www_authenticate diff --git a/scripts/http-date.nse b/scripts/http-date.nse index 0b5120ad8..698bddc1d 100644 --- a/scripts/http-date.nse +++ b/scripts/http-date.nse @@ -21,8 +21,7 @@ require("http") require("shortport") require("stdnse") -portrule = shortport.port_or_service({80, 443, 631, 8080}, - {"http", "https", "ipp", "http-alt"}) +portrule = shortport.http action = function(host, port) -- Get the local date in UTC. diff --git a/scripts/http-enum.nse b/scripts/http-enum.nse index 3583b92c4..d70013793 100644 --- a/scripts/http-enum.nse +++ b/scripts/http-enum.nse @@ -57,6 +57,7 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"discovery", "intrusive", "vuln"} require 'http' +require 'shortport' require 'stdnse' -- List of fingerprint files @@ -70,20 +71,7 @@ if(nmap and nmap.registry and nmap.registry.args and nmap.registry.args.fingerpr end end -portrule = function(host, port) - local svc = { std = { ["http"] = 1, ["http-alt"] = 1 }, - ssl = { ["https"] = 1, ["https-alt"] = 1 } } - if port.protocol ~= 'tcp' - or not ( svc.std[port.service] or svc.ssl[port.service] ) then - return false - end - -- Don't bother running on SSL ports if we don't have SSL. - if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl') - and not nmap.have_ssl() then - return false - end - return true -end +portrule = shortport.http ---Convert the filename to backup variations. These can be valuable for a number of reasons. -- First, because they may not have the same access restrictions as the main version (file.php diff --git a/scripts/http-favicon.nse b/scripts/http-favicon.nse index 8c476bc7c..441d26345 100644 --- a/scripts/http-favicon.nse +++ b/scripts/http-favicon.nse @@ -38,8 +38,7 @@ require "stdnse" require "datafiles" require "nsedebug" -portrule = shortport.port_or_service({80, 443, 8080, 8443}, - {"http", "https", "http-alt", "https-alt"}) +portrule = shortport.http action = function(host, port) local md5sum,answer diff --git a/scripts/http-headers.nse b/scripts/http-headers.nse index 5fab58ae5..15cfe8f05 100644 --- a/scripts/http-headers.nse +++ b/scripts/http-headers.nse @@ -31,20 +31,7 @@ categories = {"discovery", "safe"} require "shortport" require "http" -portrule = function(host, port) - local svc = { std = { ["http"] = 1, ["http-alt"] = 1 }, - ssl = { ["https"] = 1, ["https-alt"] = 1 } } - if port.protocol ~= 'tcp' - or not ( svc.std[port.service] or svc.ssl[port.service] ) then - return false - end - -- Don't bother running on SSL ports if we don't have SSL. - if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl') - and not nmap.have_ssl() then - return false - end - return true -end +portrule = shortport.http action = function(host, port) local path = nmap.registry.args.path diff --git a/scripts/http-iis-webdav-vuln.nse b/scripts/http-iis-webdav-vuln.nse index 0b3fa9a30..3ae608d45 100644 --- a/scripts/http-iis-webdav-vuln.nse +++ b/scripts/http-iis-webdav-vuln.nse @@ -33,7 +33,7 @@ categories = {"vuln", "intrusive"} require "http" require "shortport" -portrule = shortport.port_or_service({80, 443, 8080}, {"http", "https"}) +portrule = shortport.http ---Enumeration for results local enum_results = diff --git a/scripts/http-malware-host.nse b/scripts/http-malware-host.nse index 78e646af5..3fd35fdb9 100644 --- a/scripts/http-malware-host.nse +++ b/scripts/http-malware-host.nse @@ -27,24 +27,11 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"malware", "safe"} -require 'stdnse' require 'http' +require 'shortport' require 'stdnse' -portrule = function(host, port) - local svc = { std = { ["http"] = 1, ["http-alt"] = 1, ["http-proxy"] = 1 }, - ssl = { ["https"] = 1, ["https-alt"] = 1 } } - if port.protocol ~= 'tcp' - or not ( svc.std[port.service] or svc.ssl[port.service] ) then - return false - end - -- Don't bother running on SSL ports if we don't have SSL. - if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl') - and not nmap.have_ssl() then - return false - end - return true -end +portrule = shortport.http action = function(host, port) -- Check what response we get for a 404 diff --git a/scripts/http-methods.nse b/scripts/http-methods.nse index 650d86b68..85dd42f81 100644 --- a/scripts/http-methods.nse +++ b/scripts/http-methods.nse @@ -48,6 +48,7 @@ categories = {"default", "safe"} require("http") require("nmap") +require("shortport") require("stdnse") -- We don't report these methods except with verbosity. @@ -57,18 +58,7 @@ local UNINTERESTING_METHODS = { local filter_out, merge_headers -portrule = function(host, port) - if not (port.service == 'http' or port.service == 'https') - then - return(false) - end - -- Don't bother running on SSL ports if we don't have SSL. - if ((port.service == 'https' or port.version.service_tunnel == 'ssl') and not nmap.have_ssl()) - then - return(false) - end - return(true) -end +portrule = shortport.http action = function(host, port) local url_path, retest_http_methods diff --git a/scripts/http-passwd.nse b/scripts/http-passwd.nse index 207a190e0..86e0921d5 100644 --- a/scripts/http-passwd.nse +++ b/scripts/http-passwd.nse @@ -103,7 +103,7 @@ local output = function(passwd, dir) return out end -portrule = shortport.port_or_service({80, 443, 8080}, {"http", "https"}) +portrule = shortport.http action = function(host, port) local dirs = { diff --git a/scripts/http-php-version.nse b/scripts/http-php-version.nse index fc06fbe0b..b67b5afe9 100644 --- a/scripts/http-php-version.nse +++ b/scripts/http-php-version.nse @@ -25,7 +25,7 @@ categories = {"discovery", "safe"} require "http" require "shortport" -portrule = shortport.port_or_service({80, 443, 8080, 8443}, {"http", "https", "http-alt", "https-alt"}) +portrule = shortport.http -- These are the magic queries that return fingerprintable data. local LOGO_QUERY = "/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42" diff --git a/scripts/http-trace.nse b/scripts/http-trace.nse index 82f56b07a..34b5b793a 100644 --- a/scripts/http-trace.nse +++ b/scripts/http-trace.nse @@ -85,7 +85,7 @@ local validate = function(response, original) return end -portrule = shortport.port_or_service({80, 8080, 443}, {"http", "https"}) +portrule = shortport.http action = function(host, port) local cmd = "TRACE / HTTP/1.0\r\n\r\n" diff --git a/scripts/http-userdir-enum.nse b/scripts/http-userdir-enum.nse index 6e405f045..c38b4febd 100644 --- a/scripts/http-userdir-enum.nse +++ b/scripts/http-userdir-enum.nse @@ -29,27 +29,13 @@ CVE-2001-1013: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1013. -- |_ apache-userdir-enum: Potential Users: root (403), user (200), test (200) local http = require 'http' +local shortport = require 'shortport' local stdnse = require 'stdnse' local datafiles = require 'datafiles' ---- --- The script will run against http[s] and http[s]-alt tcp ports. -portrule = function(host, port) - local svc = { std = { ["http"] = 1, ["http-alt"] = 1 }, - ssl = { ["https"] = 1, ["https-alt"] = 1 } } - if port.protocol ~= 'tcp' or not - ( svc.std[port.service] or svc.ssl[port.service] ) then - return false - end - -- Don't bother running on SSL ports if we don't have SSL. - if (svc.ssl[port.service] or port.version.service_tunnel == 'ssl') and not - nmap.have_ssl() then - return false - end - return true -end +portrule = shortport.http diff --git a/scripts/robots.txt.nse b/scripts/robots.txt.nse index 7905b226b..0da93e003 100644 --- a/scripts/robots.txt.nse +++ b/scripts/robots.txt.nse @@ -25,7 +25,7 @@ author = "Eddie Bell" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {"default", "discovery", "safe"} -portrule = shortport.port_or_service({80, 8080,443}, {"http","https"}) +portrule = shortport.http local last_len = 0 -- split the output in 50 character length lines